You should now be able to login again, and this issue shouldn’t repeat itself. Jetpack’s Protect function looks at the incoming IP address when you try to login, and compares it against our network of blocked IPs. This works pretty well, unless Jetpack’s Protect is being told the wrong IP address by your site’s server. In your case, your server was reporting its own IP address to Protect, which is why it was blocked. This meant that every single time someone with a WordPress site on your site’s server entered the wrong password, we thought it was the same person. If your hosting provider has several hundred WordPress sites on the same server/IP, that adds up fast, leading to a ban on the IP.
I’ve made a couple of changes on our side, and Jetpack’s Protect feature will now determine incoming IP addresses a different way. You’re still protected!
– Jeremy Herve (@jeherve) – Plugin author
Solution:
Whitelisting Your IP Address
Whitelisting may be necessary if you’ve made too many failed log in attempts to your site. There are three methods for whitelisting your IP address:
If you have access to your site and you’ve not been blocked, you can enter your IP or IPv6 address(es) by going to Jetpack → Settings → Security → Brute force attack protection.
If you are blocked from entering your site, you can enter the IP or IPv6 address(es) via WordPress.com by visiting My Sites → Settings → Security → Prevent brute force login attacks
You can also whitelist one IP address by setting it as the JETPACK_IP_ADDRESS_OK constant in your wp-config.php like this:
define('JETPACK_IP_ADDRESS_OK', 'X.X.X.X');
You can find your IP by visiting any of the following sites:
Limit the number of login attempts that possible both through the normal login as well as using the auth cookies.
WordPress by default allows unlimited login attempts either through the login page or by sending special cookies. This allows passwords (or hashes) to be cracked via brute-force relatively easily.
Limit Login Attempts Reloaded blocks an Internet address from making further attempts after a specified limit on retries has been reached, making a brute-force attack difficult or impossible.
Features:
Limit the number of retry attempts when logging in (per each IP). This is fully customizable.
Limit the number of attempts to log in using authorization cookies in the same way.
Informs the user about the remaining retries or lockout time on the login page.
Optional logging and optional email notification.
Handles server behind the reverse proxy.
It is possible to whitelist/blacklist IPs and Usernames.
Sucuri Website Firewall compatibility.
XMLRPC gateway protection.
Woocommerce login page protection.
Multi-site compatibility with extra MU settings.
GDPR compliant. With this feature turned on, all logged IPs get obfuscated (md5-hashed).
Wordfence includes an endpoint firewall and malware scanner that were built from the ground up to protect WordPress. Our Threat Defense Feed arms Wordfence with the newest firewall rules, malware signatures and malicious IP addresses it needs to keep your website safe. Rounded out by a suite of additional features, Wordfence is the most comprehensive WordPress security solution available.
WORDPRESS FIREWALL
Web Application Firewall identifies and blocks malicious traffic. Built and maintained by a large team focused 100% on WordPress security.
[Premium] Real-time firewall rule and malware signature updates via the Threat Defense Feed (free version is delayed by 30 days).
[Premium] Real-time IP Blacklist blocks all requests from the most malicious IPs, protecting your site while reducing load.
Protects your site at the endpoint, enabling deep integration with WordPress. Unlike cloud alternatives does not break encryption, cannot be bypassed and cannot leak data.
Integrated malware scanner blocks requests that include malicious code or content.
Protection from brute force attacks by limiting login attempts, enforcing strong passwords and other login security measures.
WORDPRESS SECURITY SCANNER
Malware scanner checks core files, themes and plugins for malware, bad URLs, backdoors, SEO spam, malicious redirects and code injections.
[Premium] Real-time malware signature updates via the Threat Defense Feed (free version is delayed by 30 days).
Compares your core files, themes and plugins with what is in the WordPress.org repository, checking their integrity and reporting any changes to you.
Repair files that have changed by overwriting them with a pristine, original version. Delete any files that don’t belong easily within the Wordfence interface.
Checks your site for known security vulnerabilities and alerts you to any issues. Also alerts you to potential security issues when a plugin has been closed or abandoned.
Checks your content safety by scanning file contents, posts and comments for dangerous URLs and suspicious content.
[Premium] Checks to see if your site or IP have been blacklisted for malicious activity, generating spam or other security issue.
SECURITY TOOLS
With Live Traffic, monitor visits and hack attempts not shown in other analytics packages in real time; including origin, their IP address, the time of day and time spent on your site.
[Premium] Stop brute force attacks permanently by using two factor authentication, one of the most secure forms of remote system authentication available.
Block attackers by IP or build advanced rules based on IP Range, Hostname, User Agent and Referrer.
W3 Total Cache improves the SEO and user experience of your site by increasing website performance, reducing download times via features like content delivery network (CDN) integration.
The only web host agnostic WordPress Performance Optimization (WPO) framework recommended by countless web developers and web hosts. Trusted by numerous companies like: AT&T, stevesouders.com, mattcutts.com, mashable.com, smashingmagazine.com, makeuseof.com, kiss925.com, pearsonified.com, lockergnome.com, johnchow.com, ilovetypography.com, webdesignerdepot.com, css-tricks.com and tens of thousands of others.
An inside look:
BENEFITS
Improvements in search engine result page rankings, especially for mobile-friendly websites and sites that use SSL
At least 10x improvement in overall site performance (Grade A in WebPagetest or significant Google Page Speed improvements) when fully configured
Need some help with your search engine optimization? Need an SEO plugin that helps you reach for the stars? Yoast SEO is the original WordPress SEO plugin since 2008. It is the favorite tool of millions of users, ranging from the bakery around the corner to some of the most popular sites on the planet. With Yoast SEO, you get a solid toolset that helps you aim for that number one spot in the search results. Yoast: SEO for everyone.
Yoast SEO does everything in its power to please both visitors and search engine spiders. How? Below you’ll find a small sampling of the powers of Yoast SEO:
TAKING CARE OF YOUR WORDPRESS SEO
The most advanced XML Sitemaps functionality at the push of a button.
Full control over site breadcrumbs: add a piece of code and you’re good to go.
Set canonical URLs to avoid duplicate content. Never have to worry about Google penalties again.
Title and meta description templating for better branding and consistent snippets in the search results.
WRITE KILLER CONTENT WITH YOAST SEO
Content & SEO analysis: Invaluable tools to write SEO-friendly texts.
The snippet preview shows you how your post or page will look in the search results – even on mobile. Yoast SEO Premium even has social media previews!
[Premium] The Insights tool shows you what your text focuses on so you can keep your article in line with your keywords.
[Premium] Multiple focus keywords: Optimize your article for synonyms and related keywords.
[Premium] Automatic internal linking suggestions: write your article and get automatic suggested posts to link to.
KEEP YOUR SITE IN PERFECT SHAPE
Yoast SEO tunes the engine of your site so you can work on creating great content.
Our cornerstone content and internal linking features help you optimize your site structure in a breeze.
Integrates with Google Search Console: See how your site performs in the search engines and fix crawl errors.
Manage SEO roles: Give your colleagues access to specific sections of the Yoast SEO plugin.
Use this plugin to greatly improve SEO to create special XML sitemaps which will help search engines like Google, Bing, Yahoo and Ask.com to better index your site.
With such a sitemap, it’s much easier for the crawlers to see the complete structure of your site and retrieve it more efficiently. The plugin supports all kinds of WordPress generated pages as well as custom URLs. Additionally it notifies all major search engines every time you create a post about the new content.
We believe that you shouldn’t have to hire a developer to add Google Analytics to your website. That’s why we built MonsterInsights, a complete Google Analytics for WordPress plugin that’s EASY and POWERFUL.
MonsterInsights allow you to connect your WordPress website with Google Analytics, so you can see how visitors find and use your website, so you can keep them coming back. Simply put, we show you the stats that matter.
With almost 15 million downloads, MonsterInsights is the most popular Google Analytics plugin for WordPress.
At MonsterInsights, user experience is our #1 priority. That’s why we make it extremely easy for you to connect and view your Google Analytics reports from inside your WordPress dashboard. Our tracking settings and workflows make MonsterInsights the most beginner friendly google analytics plugin in the market.
Fast real-time website screenshot API. If you are a backend guy, handling multiple sites and uptime can get messy. This api can really help you in managing the tasks relating to visibility of your website across the web.